OFCMS Backend File Upload Vulnerability
OFCMS is a content management system based on Java technology. A background file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account the file.jsp::$DATA of the admin/comn/service/upload...